OAuthPlugin - Code Metrics - Inspection of "HTTP plug implementation" - gentlero/bitbucket-api - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop ( #74 )

unknown

created 2020-02-02 17:20 UTC

OAuthPlugin A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	207
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	8

Importance

Changes

Metric	Value
wmc	20
lcom	1
cbo	8
dl	0
loc	207
rs	10
c	0
b	0
f	0

10 Methods

Rating	Name	Size	Complexity
A	__construct()	11	2
A	doHandleRequest()	18	1
A	getParametersToSign()	10	2
A	getOAuthParameters()	12	3
A	filterOAuthParameters()	12	3
A	getContentAsParameters()	6	1
A	isEndpointRequested()	4	1
A	getSigner()	12	2
A	initToken()	9	3
A	initConsumer()	10	2

<?php

/**
 * This file is part of the bitbucket-api package.
 *
 * (c) Alexandru G. <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Bitbucket\API\Http\Plugin;

use Http\Client\Common\Plugin;
use JacobKiers\OAuth\SignatureMethod\SignatureMethodInterface;
use JacobKiers\OAuth\Consumer\ConsumerInterface;
use JacobKiers\OAuth\Token\TokenInterface;
use JacobKiers\OAuth as OAuth1;
use Psr\Http\Message\RequestInterface;

/**
 * @author  Alexandru G.    <[email protected]>
 */
class OAuthPlugin implements Plugin
{
    use Plugin\VersionBridgePlugin;

    const ENDPOINT_REQUEST_TOKEN    = 'oauth/request_token';
    const ENDPOINT_ACCESS_TOKEN     = 'oauth/access_token';
    const ENDPOINT_AUTHORIZE        = 'oauth/authenticate';

    /**
     * @var array
     */
    protected $config = array(
        'oauth_consumer_key'        => 'anon',
        'oauth_consumer_secret'     => 'anon',
        'oauth_token'               => '',
        'oauth_token_secret'        => '',
        'oauth_signature_method'    => 'HMAC-SHA1',
        'oauth_callback'            => '',
        'oauth_verifier'            => '',
        'oauth_version'             => '1.0',
    );

    /**
     * @var SignatureMethodInterface
     */
    protected $signature;

    /**
     * @var TokenInterface
     */
    protected $token;

    /**
     * @var ConsumerInterface
     */
    protected $consumer;

    public function __construct(
        array $config,
        SignatureMethodInterface $signature = null,
        TokenInterface $token = null,
        ConsumerInterface $consumer = null
    ) {
        $this->config       = array_merge($this->config, $config);
        $this->signature    = (!is_null($signature)) ? $signature : $this->getSigner();
        $this->token        = $this->initToken($token);
        $this->consumer     = $this->initConsumer($consumer);
    }

    protected function doHandleRequest(RequestInterface $request, callable $next, callable $first)

    {
        $params = $this->getParametersToSign($request);
        /** @var OAuth1\Request\Request $req */
        $req = OAuth1\Request\Request::fromConsumerAndToken(
            $this->consumer,
            $this->token,
            $request->getMethod(),
            (string) $request->getUri(),
            $params
        );

        $req->signRequest($this->signature, $this->consumer, $this->token);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

        $header = explode(':', $req->toHeader(), 2);

        return $next($request->withHeader($header[0], $header[1]));
    }

    /**
     * Include OAuth and request body parameters
     *
     * @access protected
     * @param  RequestInterface $request
     * @return array
     *
     * @see http://oauth.net/core/1.0/#sig_norm_param
     */
    protected function getParametersToSign(RequestInterface $request)
    {
        $params = $this->getOAuthParameters($request);

        if (in_array('application/x-www-form-urlencoded', $request->getHeader('Content-Type'), true)) {
            $params = array_merge($params, $this->getContentAsParameters($request));
        }

        return $params;
    }

    /**
     * Include/exclude optional parameters
     *
     * The exclusion/inclusion is based on current request resource
     *
     * @access protected
     * @param  RequestInterface $request
     * @return array
     */
    protected function getOAuthParameters(RequestInterface $request)
    {
        $params = $this->filterOAuthParameters(array('oauth_token', 'oauth_version'));

        if ($this->isEndpointRequested(self::ENDPOINT_REQUEST_TOKEN, $request)) {
            $params = $this->filterOAuthParameters(array('oauth_callback'));
        } elseif ($this->isEndpointRequested(self::ENDPOINT_ACCESS_TOKEN, $request)) {
            $params = $this->filterOAuthParameters(array('oauth_token', 'oauth_verifier'));
        }

        return $params;
    }

    /**
     * White list based filter
     *
     * @access protected
     * @param  string[] $include
     * @return array
     */
    protected function filterOAuthParameters(array $include)
    {
        $final = array();

        foreach ($include as $key => $value) {
            if (!empty($this->config[$value])) {
                $final[$value] = $this->config[$value];
            }
        }

        return $final;
    }

    /**
     * Transform request content to associative array
     *
     * @access protected
     * @param  RequestInterface $request
     * @return array
     */
    protected function getContentAsParameters(RequestInterface $request)
    {
        parse_str($request->getBody()->getContents(), $parts);

        return $parts;
    }

    /**
     * Check if specified endpoint is in current request
     *
     * @param  string           $endpoint
     * @param  RequestInterface $request
     * @return bool
     */
    protected function isEndpointRequested($endpoint, RequestInterface $request)
    {
        return strpos($request->getUri()->getPath(), $endpoint) !== false;
    }

    /**
     * Bitbucket supports only HMAC-SHA1 and PlainText signatures.
     *
     * For better security, HMAC-SHA1 is the default one.
     *
     * @return \JacobKiers\OAuth\SignatureMethod\SignatureMethodInterface
     */
    protected function getSigner()
    {
        $signature = 'HmacSha1';

        if ($this->config['oauth_signature_method'] == 'PLAINTEXT') {
            $signature = 'PlainText';
        }

        $class = '\JacobKiers\OAuth\SignatureMethod\\'.$signature;

        return new $class();
    }

    /**
     * @access public
     * @param  TokenInterface|null $token
     * @return TokenInterface
     */
    protected function initToken($token)
    {
        return (!is_null($token)) ?
            $token :
            empty($this->config['oauth_token']) ?
                new OAuth1\Token\NullToken() :
                new OAuth1\Token\Token($this->config['oauth_token'], $this->config['oauth_token_secret'])
            ;
    }

    /**
     * @access public
     * @param  ConsumerInterface|null $consumer
     * @return ConsumerInterface
     */
    protected function initConsumer($consumer)
    {
        return (!is_null($consumer)) ?
            $consumer :
            new OAuth1\Consumer\Consumer(
                $this->config['oauth_consumer_key'],
                $this->config['oauth_consumer_secret']
            )
            ;
    }
}


1			<?php
2
3			/**
4			* This file is part of the bitbucket-api package.
5			*
6			* (c) Alexandru G. <[email protected]>
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace Bitbucket\API\Http\Plugin;
13
14			use Http\Client\Common\Plugin;
15			use JacobKiers\OAuth\SignatureMethod\SignatureMethodInterface;
16			use JacobKiers\OAuth\Consumer\ConsumerInterface;
17			use JacobKiers\OAuth\Token\TokenInterface;
18			use JacobKiers\OAuth as OAuth1;
19			use Psr\Http\Message\RequestInterface;
20
21			/**
22			* @author Alexandru G. <[email protected]>
23			*/
24			class OAuthPlugin implements Plugin
25			{
26			use Plugin\VersionBridgePlugin;
27
28			const ENDPOINT_REQUEST_TOKEN = 'oauth/request_token';
29			const ENDPOINT_ACCESS_TOKEN = 'oauth/access_token';
30			const ENDPOINT_AUTHORIZE = 'oauth/authenticate';
31
32			/**
33			* @var array
34			*/
35			protected $config = array(
36			'oauth_consumer_key' => 'anon',
37			'oauth_consumer_secret' => 'anon',
38			'oauth_token' => '',
39			'oauth_token_secret' => '',
40			'oauth_signature_method' => 'HMAC-SHA1',
41			'oauth_callback' => '',
42			'oauth_verifier' => '',
43			'oauth_version' => '1.0',
44			);
45
46			/**
47			* @var SignatureMethodInterface
48			*/
49			protected $signature;
50
51			/**
52			* @var TokenInterface
53			*/
54			protected $token;
55
56			/**
57			* @var ConsumerInterface
58			*/
59			protected $consumer;
60
61			public function __construct(
62			array $config,
63			SignatureMethodInterface $signature = null,
64			TokenInterface $token = null,
65			ConsumerInterface $consumer = null
66			) {
67			$this->config = array_merge($this->config, $config);
68			$this->signature = (!is_null($signature)) ? $signature : $this->getSigner();
69			$this->token = $this->initToken($token);
70			$this->consumer = $this->initConsumer($consumer);
71			}
72
73			protected function doHandleRequest(RequestInterface $request, callable $next, callable $first)
			0 ignored issues – show Documentation introduced 2020-02-02 17:11 UTC by Report Bug Copy Issue Report The return type could not be reliably inferred; please add a `@return` annotation. Our type inference engine in quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a `@return` annotation as described here. Loading history... Unused Code introduced 2020-02-02 17:11 UTC by Report Bug Copy Issue Report The parameter `$first` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
74			{
75			$params = $this->getParametersToSign($request);
76			/** @var OAuth1\Request\Request $req */
77			$req = OAuth1\Request\Request::fromConsumerAndToken(
78			$this->consumer,
79			$this->token,
80			$request->getMethod(),
81			(string) $request->getUri(),
82			$params
83			);
84
85			$req->signRequest($this->signature, $this->consumer, $this->token);
			0 ignored issues – show Documentation introduced 2015-12-05 07:39 UTC by Report Bug Copy Issue Report `$this->signature` is of type `object<JacobKiers\OAuth\...gnatureMethodInterface>`, but the function expects a `string`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
86
87			$header = explode(':', $req->toHeader(), 2);
88
89			return $next($request->withHeader($header[0], $header[1]));
90			}
91
92			/**
93			* Include OAuth and request body parameters
94			*
95			* @access protected
96			* @param RequestInterface $request
97			* @return array
98			*
99			* @see http://oauth.net/core/1.0/#sig_norm_param
100			*/
101			protected function getParametersToSign(RequestInterface $request)
102			{
103			$params = $this->getOAuthParameters($request);
104
105			if (in_array('application/x-www-form-urlencoded', $request->getHeader('Content-Type'), true)) {
106			$params = array_merge($params, $this->getContentAsParameters($request));
107			}
108
109			return $params;
110			}
111
112			/**
113			* Include/exclude optional parameters
114			*
115			* The exclusion/inclusion is based on current request resource
116			*
117			* @access protected
118			* @param RequestInterface $request
119			* @return array
120			*/
121			protected function getOAuthParameters(RequestInterface $request)
122			{
123			$params = $this->filterOAuthParameters(array('oauth_token', 'oauth_version'));
124
125			if ($this->isEndpointRequested(self::ENDPOINT_REQUEST_TOKEN, $request)) {
126			$params = $this->filterOAuthParameters(array('oauth_callback'));
127			} elseif ($this->isEndpointRequested(self::ENDPOINT_ACCESS_TOKEN, $request)) {
128			$params = $this->filterOAuthParameters(array('oauth_token', 'oauth_verifier'));
129			}
130
131			return $params;
132			}
133
134			/**
135			* White list based filter
136			*
137			* @access protected
138			* @param string[] $include
139			* @return array
140			*/
141			protected function filterOAuthParameters(array $include)
142			{
143			$final = array();
144
145			foreach ($include as $key => $value) {
146			if (!empty($this->config[$value])) {
147			$final[$value] = $this->config[$value];
148			}
149			}
150
151			return $final;
152			}
153
154			/**
155			* Transform request content to associative array
156			*
157			* @access protected
158			* @param RequestInterface $request
159			* @return array
160			*/
161			protected function getContentAsParameters(RequestInterface $request)
162			{
163			parse_str($request->getBody()->getContents(), $parts);
164
165			return $parts;
166			}
167
168			/**
169			* Check if specified endpoint is in current request
170			*
171			* @param string $endpoint
172			* @param RequestInterface $request
173			* @return bool
174			*/
175			protected function isEndpointRequested($endpoint, RequestInterface $request)
176			{
177			return strpos($request->getUri()->getPath(), $endpoint) !== false;
178			}
179
180			/**
181			* Bitbucket supports only HMAC-SHA1 and PlainText signatures.
182			*
183			* For better security, HMAC-SHA1 is the default one.
184			*
185			* @return \JacobKiers\OAuth\SignatureMethod\SignatureMethodInterface
186			*/
187			protected function getSigner()
188			{
189			$signature = 'HmacSha1';
190
191			if ($this->config['oauth_signature_method'] == 'PLAINTEXT') {
192			$signature = 'PlainText';
193			}
194
195			$class = '\JacobKiers\OAuth\SignatureMethod\\'.$signature;
196
197			return new $class();
198			}
199
200			/**
201			* @access public
202			* @param TokenInterface\|null $token
203			* @return TokenInterface
204			*/
205			protected function initToken($token)
206			{
207			return (!is_null($token)) ?
208			$token :
209			empty($this->config['oauth_token']) ?
210			new OAuth1\Token\NullToken() :
211			new OAuth1\Token\Token($this->config['oauth_token'], $this->config['oauth_token_secret'])
212			;
213			}
214
215			/**
216			* @access public
217			* @param ConsumerInterface\|null $consumer
218			* @return ConsumerInterface
219			*/
220			protected function initConsumer($consumer)
221			{
222			return (!is_null($consumer)) ?
223			$consumer :
224			new OAuth1\Consumer\Consumer(
225			$this->config['oauth_consumer_key'],
226			$this->config['oauth_consumer_secret']
227			)
228			;
229			}
230			}
231

gentlero / bitbucket-api

Notification Setup Error

Pull Request — develop ( #74 )

OAuthPlugin A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

10 Methods

Duplication Side-by-Side

Filter issues like